This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/RANGER-3923 by this push:
new 425910b15 RANGER-4608: updated getDataShare() API to enforce ACL
specified in the datashare
425910b15 is described below
commit 425910b15f66612c847818d72ae65019f3a9d545
Author: prashant <[email protected]>
AuthorDate: Thu Dec 14 15:38:47 2023 +0530
RANGER-4608: updated getDataShare() API to enforce ACL specified in the
datashare
Signed-off-by: Madhan Neethiraj <[email protected]>
---
security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
index af70daa9d..ae7a383f8 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
@@ -801,12 +801,14 @@ public class GdsDBStore extends AbstractGdsStore {
}
@Override
- public RangerDataShare getDataShare(Long dataShareId) {
+ public RangerDataShare getDataShare(Long dataShareId) throws Exception {
LOG.debug("==> getDataShare({})", dataShareId);
RangerDataShare ret = dataShareService.read(dataShareId);
- // TODO: enforce RangerDataShare.acl
+ if (ret != null && !validator.hasPermission(ret.getAcl(),
GdsPermission.VIEW)) {
+ throw new Exception("no permission on dataShare id=" +
dataShareId);
+ }
LOG.debug("<== getDataShare({}): ret={}", dataShareId, ret);
